Theme Parks Collect Fingerprints of Unassuming Guests

Millions of theme park visitors blindly submit to biometrics scanning every year without hesitation or concern of their most vital information being exploited for criminal purposes.

Recently, your NSLF chief blogger visited Sesame Place in Langhorne, Pa. and discovered that hordes of unassuming visitors willfully submitted themselves to fingerprint scanning upon entry to the theme park. Luckily, yours truly did not purchase a season pass that requires giving-up my biometrics data to Big Bird and Co., but it was fascinating to see how many otherwise ‘private’ citizens did so without hesitation or questioning the legality and potential risks associated with the process.

A few short years ago, Disney theme parks became the first to utilize biometrics in the ticketing entrance process, says Janel Pisorchik, the director of business operations at accesso, a Florida-based company that specializes in electronic ticketing and eCommerce solutions for theme parks. He spoke with Chad Emerson, another curious blogger, about how biometrics became a ‘normal’ part of the theme park ticketing process.

Emerson: You were with Disney when biometrics – the use of fingerprint scanning and physiological data – became part of the ticketing process to authenticate the identity of pass holders. Tell us about that implementation.

Pisorchik: Disney was the first theme park to introduce Biometrics to the entrance process. The initial type of technology used was hand geometry. This was an effective deterrent to help decrease the number of tickets from being resold. However, from an operational perspective, explaining the enrollment & verification process to the guests entering the parks was a little challenging.

The team was tasked with finding new technology and then focusing on the entrance process. The key components were speed, accuracy and ergonomics of the unit. During one of the many biometrics related projects, I realized I am what is called a “goat.” I have one finger that does not have a clearly defined fingerprint due to a childhood injury. As you can imagine, I was leveraged for a variety of testing purposes.

It’s amazing to see the progress Disney has made in this field, now leveraging Biometrics for all ticketed media coming through the entrances. Walt Disney World is the largest single site Biometric installation in the world.

While Pisorchik cites the benefits of biometrics in the theme park ticketing process, especially with regards to ensuring those high-priced seasonal or weekly passes don’t get re-sold by patrons seeking to recoup some money for unused portions of their visits, he fails to address the privacy risks associated with biometrics gathering at Disney and other theme parks utilizing the technology.

Luckily, the defenders of privacy and digital freedom at the Electronic Frontier Foundation (EFF) have some useful information on their website for citizens who dare to question why Disney and other theme parks across the U.S. need permanent records of guests’ most vital biometric data versus verifying identities the old-fashioned way with driver’s licenses or passports.

“Biometric identification is often overkill for the task at hand. It is not necessary to identify a person (and to create a record of their presence at a certain place and time) if all you really want to know is whether they’re entitled to do something or be somewhere,” states an EFF fact sheet on biometrics. “When in a bar, customers use IDs to prove they’re old enough to drink, not to prove who they are, or to create a record of their presence.”

Theme parks only need to verify the pass holder’s identity matches that assigned to the pass. They do not need to create or record any data beyond that if making sure the pass has not been re-sold by the original purchaser is truly their goal.

While theme parks claim to be concerned about fraud and whatever ticket crimes they can cite as an excuse to demand pass holders submit to biometric data gathering, visitors to their establishments should be equally concerned about the threat to their personal and financial security posed by criminals and/or terrorists seeking to hack-in to and exploit biometrics databases.

“If you lose a credit card, you can cancel it and get a new one. If you lose a biometric, you’ve lost it for life,” the EFF warns. “Any biometric system must be built to the highest levels of data security, including transmission that prevents interception, storage that prevents theft, and system-wide architecture to prevent both intrusion and compromise by corrupt or deceitful agents within the organization.”

Essentially, when private citizens visit theme parks that utilize biometrics devices, they are asked to place an extraordinary amount of trust in these establishments to keep their most vital information secure from those who could destroy their lives with a click of a button. I did not see a single person at Sesame Place expressing such a concern or requesting to provide an alternate form of identification to avoid this potential nightmare scenario.

“Vendors and scanner operators may say that they protect privacy in some way, perhaps by hashing the biometric data or designing the database to enforce a privacy policy. But the end user typically has no way to verify whether such technical protections are effective or implemented properly,” continues the EFF’s warning. “End-users should be able to verify any such claims, and to leave the system completely if they are not satisfied. Exiting the system, of course, should at least include the expungement of the end-user’s biometric data and records.”

Once the visitors’ theme park passes have expired, it can only be assumed that their biometrics data remains contained in the establishments’ databases until they return again, just to make things ‘convenient’ for them, of course. Wake-up sheeple! You’re risking a potential lifetime of misery and hardship by allowing theme parks to store your most vital personal information on their so-called ‘secure’ servers that are just waiting to be hacked by criminals and/or terrorists seeking to exploit your identity for their illegal pursuits.

Voila! Your fingerprint can now be used to perform criminal actions.

Imagine this scenario that you’ve probably seen play-out in an episode of ’24’ or espionage flick: A fingerprint scan is stolen from a computer file and magically transformed in to a silicone mold that’s placed on the fingertip of someone seeking to use it for whatever reason, most likely to gain entrance to a secure room or building. Let’s take it one step further and use that fingerprint mold to pull the trigger of a gun. That’s your fingerprint on a gun that’s indistinguishable to a judge and jury seeking to put you behind bars for a very long time, if not execute you.

The possibilities for legal citizens’ fingerprints to be exploited by criminals and/or terrorists is limitless. Do you trust theme parks and their ‘secure’ servers to protect your fingerprints and other biometric data from being stolen and exploited by some very bad people who want you to pay for their crimes?

since it is a “private” business I would image they can do what they want in this regard. Sickening that they abuse what they are as a business to collect this data, they pit the desires and the wants of the kids against the parent’s desire for privacy (well at least those awake enough to know what a crock this is)

Nope, they won’t. They will probably only ask you for an alternate form of ID. I work at a waterpark that uses the same system. For children who are too young/small to do the finger-scan, their parents can choose to opt out. Adults can also opt-out too. And then all they have to do is ask the children what their names are. And it’s not quite “fingerprinting” that we use at these amusement parks, which makes the last part of the article WRONG! I work with these machines and I can vouch for it myself! Although, I do see these systems as sort of inefficient and I do think that the consumers’ concern is somewhat valid. And the reason I say it’s inefficient is well, it doesn’t work well with everyone in every single situation. Like special needs kids whose parents didn’t know that they could opt-out. And this one girl with eczema that came through my line once. My point is, while there is some good things about it, there is a reasonable concern for the safety of the consumer and it’s a bit inefficient. And a lot of people don’t know that they can opt-out.

I am sure it is legal to deny entrance to the park if someone refuse to use the biometric scan, but a biometric entrance shall not be the only option. If it is so, we should be more than willing to cooperate to ensure perfect security. Imagine if terrorist requests for the same and enter a theme park full of kids and parents. That will not be a pretty side.

added your story to my news site because I just recently went to a theme park called Dollywood and they didn’t do a thumb scan, not even a bag search. Heck you should tell everyone to goto Dollywood for not using thumb scanners unless I’m wrong but how could I? I walked through the gate and give the man the ticket and all he scanned was the ticket and then he let me through. No thumb scans, no bag searches, no photo IDs, no nothing.

I am considering suing through ACLU for the required taking of my, as well
as my husband’s fingerprints. We did object, but were told we could not enter after traveling from Indiana to Florida. We have had Identity Thief problems and are seriously concerned about this “biometrics” ticket scanning.

@Nancy, identity theft does not happen with biometric templates. In fact biometrics are used to protect identity theft. If theme parks are asking for fingerprints, please take a breath of relief as you will most likely be safe inside and not die of a terrorist attack and you can be relieved that your children are safe inside.

@St.Anger, Most people believe that a biometric fingerprint template is a picture of our fingerprint. This is one of the biggest myths in biometrics. Most biometric templates are not stored the way we imagine they are. A biometric template is generated in real-time as when a signal is captured. For example, if a company uses a capacitive sensor for fingerprint, there is no fingerprint picture taken.. A small volt of charge is produced to capture ridge patterns. This pattern is automatically converted into a biometric template of binary data of 26-512 data bits depending on the algorithm. Even if the biometric template (data set) is lost, it is absolutely impossible to decode a fingerprint from a biometric template.
I use the “knife” analogy for the use of biometrics.. knife can be used to kill people and harm them, but it is also used for cutting vegetables and meat for food or wood to construct houses.. Every technology can be used in many different ways and we need to decide what we need to use it for after having done proper research on it and understanding all pros and cons. Most people today form opinions about technology without even knowing much about it. I am ready to take any questions on biometrics anytime.. Will be happy to clear out some misconceptions. Thanks, Abhinav

My friend bought extra season passes to bring friends in, I was the first friend he brought so I tried to mess up the finger print. The park entrance worker eventually told me to hold it there and I got in. Is there a way for him to get another friend in?